1

I'm in a bit of a situation. We have our private subversion server that we use for development, but one of our government clients is requesting access to our commit logs so that they can get an up-to-date picture of what we've been doing on the system.

I don't have a problem with them reading our commit logs, but what I do have a problem with is them having access to our source code - they can't have read or write.

The obvious solution is to do an svn log ourselves and give them an export, but they want direct SVN access as they apparently have an auditing solution that will import the svn log command automagically.

So, is there a way I can set up access to a subversion repo and deny them access to everything except svn log? I don't care if I have to set up a virtualhost just for this, but it has to be done over http(s). We're also using LDAP for authentication if that makes any difference.

Mark Henderson
  • 68,823
  • 31
  • 180
  • 259

1 Answers1

4

According to http://svn.apache.org/repos/asf/subversion/trunk/notes/http-and-webdav/webdav-protocol, you can use svn over HTTPS and limit their allowable access methods in host config to OPTIONS, PROPFIND & REPORT. Haven't got a server to test now, but seems pretty straight forward.

Wrikken
  • 981
  • 9
  • 22
  • Perfect - thanks. It's going to give them access to a few other functions, (like `svn ls`) but that's OK because they can't read or write any of the files. – Mark Henderson Jun 18 '10 at 02:35
  • Almost works perfectly, run into a problem with Apache I think. I've asked a question here: http://serverfault.com/questions/152348/ – Mark Henderson Jun 18 '10 at 02:43